npm - @teneo-protocol/sdk - Versions diffs - 1.0.0 - Mend

@teneo-protocol/sdk 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (281) hide show

package/.dockerignore +14 -0
package/.env.test.example +14 -0
package/.eslintrc.json +26 -0
package/.github/workflows/claude-code-review.yml +78 -0
package/.github/workflows/claude-reviewer.yml +64 -0
package/.github/workflows/publish-npm.yml +38 -0
package/.github/workflows/push-to-main.yml +23 -0
package/.node-version +1 -0
package/.prettierrc +11 -0
package/Dockerfile +25 -0
package/LICENCE +661 -0
package/README.md +709 -0
package/dist/constants.d.ts +42 -0
package/dist/constants.d.ts.map +1 -0
package/dist/constants.js +45 -0
package/dist/constants.js.map +1 -0
package/dist/core/websocket-client.d.ts +261 -0
package/dist/core/websocket-client.d.ts.map +1 -0
package/dist/core/websocket-client.js +875 -0
package/dist/core/websocket-client.js.map +1 -0
package/dist/formatters/response-formatter.d.ts +354 -0
package/dist/formatters/response-formatter.d.ts.map +1 -0
package/dist/formatters/response-formatter.js +575 -0
package/dist/formatters/response-formatter.js.map +1 -0
package/dist/handlers/message-handler-registry.d.ts +155 -0
package/dist/handlers/message-handler-registry.d.ts.map +1 -0
package/dist/handlers/message-handler-registry.js +216 -0
package/dist/handlers/message-handler-registry.js.map +1 -0
package/dist/handlers/message-handlers/agent-selected-handler.d.ts +112 -0
package/dist/handlers/message-handlers/agent-selected-handler.d.ts.map +1 -0
package/dist/handlers/message-handlers/agent-selected-handler.js +40 -0
package/dist/handlers/message-handlers/agent-selected-handler.js.map +1 -0
package/dist/handlers/message-handlers/agents-list-handler.d.ts +14 -0
package/dist/handlers/message-handlers/agents-list-handler.d.ts.map +1 -0
package/dist/handlers/message-handlers/agents-list-handler.js +25 -0
package/dist/handlers/message-handlers/agents-list-handler.js.map +1 -0
package/dist/handlers/message-handlers/auth-error-handler.d.ts +71 -0
package/dist/handlers/message-handlers/auth-error-handler.d.ts.map +1 -0
package/dist/handlers/message-handlers/auth-error-handler.js +30 -0
package/dist/handlers/message-handlers/auth-error-handler.js.map +1 -0
package/dist/handlers/message-handlers/auth-message-handler.d.ts +18 -0
package/dist/handlers/message-handlers/auth-message-handler.d.ts.map +1 -0
package/dist/handlers/message-handlers/auth-message-handler.js +60 -0
package/dist/handlers/message-handlers/auth-message-handler.js.map +1 -0
package/dist/handlers/message-handlers/auth-required-handler.d.ts +76 -0
package/dist/handlers/message-handlers/auth-required-handler.d.ts.map +1 -0
package/dist/handlers/message-handlers/auth-required-handler.js +23 -0
package/dist/handlers/message-handlers/auth-required-handler.js.map +1 -0
package/dist/handlers/message-handlers/auth-success-handler.d.ts +18 -0
package/dist/handlers/message-handlers/auth-success-handler.d.ts.map +1 -0
package/dist/handlers/message-handlers/auth-success-handler.js +51 -0
package/dist/handlers/message-handlers/auth-success-handler.js.map +1 -0
package/dist/handlers/message-handlers/base-handler.d.ts +55 -0
package/dist/handlers/message-handlers/base-handler.d.ts.map +1 -0
package/dist/handlers/message-handlers/base-handler.js +83 -0
package/dist/handlers/message-handlers/base-handler.js.map +1 -0
package/dist/handlers/message-handlers/challenge-handler.d.ts +73 -0
package/dist/handlers/message-handlers/challenge-handler.d.ts.map +1 -0
package/dist/handlers/message-handlers/challenge-handler.js +47 -0
package/dist/handlers/message-handlers/challenge-handler.js.map +1 -0
package/dist/handlers/message-handlers/error-message-handler.d.ts +76 -0
package/dist/handlers/message-handlers/error-message-handler.d.ts.map +1 -0
package/dist/handlers/message-handlers/error-message-handler.js +29 -0
package/dist/handlers/message-handlers/error-message-handler.js.map +1 -0
package/dist/handlers/message-handlers/index.d.ts +28 -0
package/dist/handlers/message-handlers/index.d.ts.map +1 -0
package/dist/handlers/message-handlers/index.js +100 -0
package/dist/handlers/message-handlers/index.js.map +1 -0
package/dist/handlers/message-handlers/list-rooms-response-handler.d.ts +122 -0
package/dist/handlers/message-handlers/list-rooms-response-handler.d.ts.map +1 -0
package/dist/handlers/message-handlers/list-rooms-response-handler.js +30 -0
package/dist/handlers/message-handlers/list-rooms-response-handler.js.map +1 -0
package/dist/handlers/message-handlers/ping-pong-handler.d.ts +104 -0
package/dist/handlers/message-handlers/ping-pong-handler.d.ts.map +1 -0
package/dist/handlers/message-handlers/ping-pong-handler.js +36 -0
package/dist/handlers/message-handlers/ping-pong-handler.js.map +1 -0
package/dist/handlers/message-handlers/regular-message-handler.d.ts +56 -0
package/dist/handlers/message-handlers/regular-message-handler.d.ts.map +1 -0
package/dist/handlers/message-handlers/regular-message-handler.js +59 -0
package/dist/handlers/message-handlers/regular-message-handler.js.map +1 -0
package/dist/handlers/message-handlers/subscribe-response-handler.d.ts +81 -0
package/dist/handlers/message-handlers/subscribe-response-handler.d.ts.map +1 -0
package/dist/handlers/message-handlers/subscribe-response-handler.js +48 -0
package/dist/handlers/message-handlers/subscribe-response-handler.js.map +1 -0
package/dist/handlers/message-handlers/task-response-handler.d.ts +14 -0
package/dist/handlers/message-handlers/task-response-handler.d.ts.map +1 -0
package/dist/handlers/message-handlers/task-response-handler.js +44 -0
package/dist/handlers/message-handlers/task-response-handler.js.map +1 -0
package/dist/handlers/message-handlers/types.d.ts +51 -0
package/dist/handlers/message-handlers/types.d.ts.map +1 -0
package/dist/handlers/message-handlers/types.js +7 -0
package/dist/handlers/message-handlers/types.js.map +1 -0
package/dist/handlers/message-handlers/unsubscribe-response-handler.d.ts +81 -0
package/dist/handlers/message-handlers/unsubscribe-response-handler.d.ts.map +1 -0
package/dist/handlers/message-handlers/unsubscribe-response-handler.js +48 -0
package/dist/handlers/message-handlers/unsubscribe-response-handler.js.map +1 -0
package/dist/handlers/webhook-handler.d.ts +202 -0
package/dist/handlers/webhook-handler.d.ts.map +1 -0
package/dist/handlers/webhook-handler.js +511 -0
package/dist/handlers/webhook-handler.js.map +1 -0
package/dist/index.d.ts +71 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +217 -0
package/dist/index.js.map +1 -0
package/dist/managers/agent-registry.d.ts +173 -0
package/dist/managers/agent-registry.d.ts.map +1 -0
package/dist/managers/agent-registry.js +310 -0
package/dist/managers/agent-registry.js.map +1 -0
package/dist/managers/connection-manager.d.ts +134 -0
package/dist/managers/connection-manager.d.ts.map +1 -0
package/dist/managers/connection-manager.js +176 -0
package/dist/managers/connection-manager.js.map +1 -0
package/dist/managers/index.d.ts +9 -0
package/dist/managers/index.d.ts.map +1 -0
package/dist/managers/index.js +16 -0
package/dist/managers/index.js.map +1 -0
package/dist/managers/message-router.d.ts +112 -0
package/dist/managers/message-router.d.ts.map +1 -0
package/dist/managers/message-router.js +260 -0
package/dist/managers/message-router.js.map +1 -0
package/dist/managers/room-manager.d.ts +165 -0
package/dist/managers/room-manager.d.ts.map +1 -0
package/dist/managers/room-manager.js +227 -0
package/dist/managers/room-manager.js.map +1 -0
package/dist/teneo-sdk.d.ts +703 -0
package/dist/teneo-sdk.d.ts.map +1 -0
package/dist/teneo-sdk.js +907 -0
package/dist/teneo-sdk.js.map +1 -0
package/dist/types/config.d.ts +1047 -0
package/dist/types/config.d.ts.map +1 -0
package/dist/types/config.js +720 -0
package/dist/types/config.js.map +1 -0
package/dist/types/error-codes.d.ts +29 -0
package/dist/types/error-codes.d.ts.map +1 -0
package/dist/types/error-codes.js +41 -0
package/dist/types/error-codes.js.map +1 -0
package/dist/types/events.d.ts +616 -0
package/dist/types/events.d.ts.map +1 -0
package/dist/types/events.js +261 -0
package/dist/types/events.js.map +1 -0
package/dist/types/health.d.ts +40 -0
package/dist/types/health.d.ts.map +1 -0
package/dist/types/health.js +6 -0
package/dist/types/health.js.map +1 -0
package/dist/types/index.d.ts +10 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +123 -0
package/dist/types/index.js.map +1 -0
package/dist/types/messages.d.ts +3734 -0
package/dist/types/messages.d.ts.map +1 -0
package/dist/types/messages.js +482 -0
package/dist/types/messages.js.map +1 -0
package/dist/types/validation.d.ts +81 -0
package/dist/types/validation.d.ts.map +1 -0
package/dist/types/validation.js +115 -0
package/dist/types/validation.js.map +1 -0
package/dist/utils/bounded-queue.d.ts +127 -0
package/dist/utils/bounded-queue.d.ts.map +1 -0
package/dist/utils/bounded-queue.js +181 -0
package/dist/utils/bounded-queue.js.map +1 -0
package/dist/utils/circuit-breaker.d.ts +141 -0
package/dist/utils/circuit-breaker.d.ts.map +1 -0
package/dist/utils/circuit-breaker.js +215 -0
package/dist/utils/circuit-breaker.js.map +1 -0
package/dist/utils/deduplication-cache.d.ts +110 -0
package/dist/utils/deduplication-cache.d.ts.map +1 -0
package/dist/utils/deduplication-cache.js +177 -0
package/dist/utils/deduplication-cache.js.map +1 -0
package/dist/utils/event-waiter.d.ts +101 -0
package/dist/utils/event-waiter.d.ts.map +1 -0
package/dist/utils/event-waiter.js +118 -0
package/dist/utils/event-waiter.js.map +1 -0
package/dist/utils/index.d.ts +51 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +72 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/logger.d.ts +22 -0
package/dist/utils/logger.d.ts.map +1 -0
package/dist/utils/logger.js +91 -0
package/dist/utils/logger.js.map +1 -0
package/dist/utils/rate-limiter.d.ts +122 -0
package/dist/utils/rate-limiter.d.ts.map +1 -0
package/dist/utils/rate-limiter.js +190 -0
package/dist/utils/rate-limiter.js.map +1 -0
package/dist/utils/retry-policy.d.ts +191 -0
package/dist/utils/retry-policy.d.ts.map +1 -0
package/dist/utils/retry-policy.js +225 -0
package/dist/utils/retry-policy.js.map +1 -0
package/dist/utils/secure-private-key.d.ts +113 -0
package/dist/utils/secure-private-key.d.ts.map +1 -0
package/dist/utils/secure-private-key.js +188 -0
package/dist/utils/secure-private-key.js.map +1 -0
package/dist/utils/signature-verifier.d.ts +143 -0
package/dist/utils/signature-verifier.d.ts.map +1 -0
package/dist/utils/signature-verifier.js +238 -0
package/dist/utils/signature-verifier.js.map +1 -0
package/dist/utils/ssrf-validator.d.ts +36 -0
package/dist/utils/ssrf-validator.d.ts.map +1 -0
package/dist/utils/ssrf-validator.js +195 -0
package/dist/utils/ssrf-validator.js.map +1 -0
package/examples/.env.example +17 -0
package/examples/basic-usage.ts +211 -0
package/examples/production-dashboard/.env.example +153 -0
package/examples/production-dashboard/package.json +39 -0
package/examples/production-dashboard/public/dashboard.html +642 -0
package/examples/production-dashboard/server.ts +753 -0
package/examples/webhook-integration.ts +239 -0
package/examples/x-influencer-battle-redesign.html +1065 -0
package/examples/x-influencer-battle-server.ts +217 -0
package/examples/x-influencer-battle.html +787 -0
package/package.json +65 -0
package/src/constants.ts +43 -0
package/src/core/websocket-client.test.ts +512 -0
package/src/core/websocket-client.ts +1056 -0
package/src/formatters/response-formatter.test.ts +571 -0
package/src/formatters/response-formatter.ts +677 -0
package/src/handlers/message-handler-registry.ts +239 -0
package/src/handlers/message-handlers/agent-selected-handler.ts +40 -0
package/src/handlers/message-handlers/agents-list-handler.ts +26 -0
package/src/handlers/message-handlers/auth-error-handler.ts +31 -0
package/src/handlers/message-handlers/auth-message-handler.ts +66 -0
package/src/handlers/message-handlers/auth-required-handler.ts +23 -0
package/src/handlers/message-handlers/auth-success-handler.ts +57 -0
package/src/handlers/message-handlers/base-handler.ts +101 -0
package/src/handlers/message-handlers/challenge-handler.ts +57 -0
package/src/handlers/message-handlers/error-message-handler.ts +27 -0
package/src/handlers/message-handlers/index.ts +77 -0
package/src/handlers/message-handlers/list-rooms-response-handler.ts +28 -0
package/src/handlers/message-handlers/ping-pong-handler.ts +30 -0
package/src/handlers/message-handlers/regular-message-handler.ts +65 -0
package/src/handlers/message-handlers/subscribe-response-handler.ts +47 -0
package/src/handlers/message-handlers/task-response-handler.ts +45 -0
package/src/handlers/message-handlers/types.ts +77 -0
package/src/handlers/message-handlers/unsubscribe-response-handler.ts +47 -0
package/src/handlers/webhook-handler.test.ts +789 -0
package/src/handlers/webhook-handler.ts +576 -0
package/src/index.ts +269 -0
package/src/managers/agent-registry.test.ts +466 -0
package/src/managers/agent-registry.ts +347 -0
package/src/managers/connection-manager.ts +195 -0
package/src/managers/index.ts +9 -0
package/src/managers/message-router.ts +349 -0
package/src/managers/room-manager.ts +248 -0
package/src/teneo-sdk.ts +1022 -0
package/src/types/config.test.ts +325 -0
package/src/types/config.ts +799 -0
package/src/types/error-codes.ts +44 -0
package/src/types/events.test.ts +302 -0
package/src/types/events.ts +382 -0
package/src/types/health.ts +46 -0
package/src/types/index.ts +199 -0
package/src/types/messages.test.ts +660 -0
package/src/types/messages.ts +570 -0
package/src/types/validation.ts +123 -0
package/src/utils/bounded-queue.test.ts +356 -0
package/src/utils/bounded-queue.ts +205 -0
package/src/utils/circuit-breaker.test.ts +394 -0
package/src/utils/circuit-breaker.ts +262 -0
package/src/utils/deduplication-cache.test.ts +380 -0
package/src/utils/deduplication-cache.ts +198 -0
package/src/utils/event-waiter.test.ts +381 -0
package/src/utils/event-waiter.ts +172 -0
package/src/utils/index.ts +74 -0
package/src/utils/logger.ts +87 -0
package/src/utils/rate-limiter.test.ts +341 -0
package/src/utils/rate-limiter.ts +211 -0
package/src/utils/retry-policy.test.ts +558 -0
package/src/utils/retry-policy.ts +272 -0
package/src/utils/secure-private-key.test.ts +356 -0
package/src/utils/secure-private-key.ts +205 -0
package/src/utils/signature-verifier.test.ts +464 -0
package/src/utils/signature-verifier.ts +298 -0
package/src/utils/ssrf-validator.test.ts +372 -0
package/src/utils/ssrf-validator.ts +224 -0
package/tests/integration/real-server.test.ts +740 -0
package/tests/integration/websocket.test.ts +381 -0
package/tests/integration-setup.ts +16 -0
package/tests/setup.ts +34 -0
package/tsconfig.json +32 -0
package/vitest.config.ts +42 -0
package/vitest.integration.config.ts +23 -0

package/src/handlers/webhook-handler.ts ADDED Viewed

@@ -0,0 +1,576 @@
+/**
+ * Webhook handler for Teneo Protocol SDK
+ * Manages webhook delivery with retries and error handling using Zod validation
+ */
+import fetch, { RequestInit } from "node-fetch";
+import { EventEmitter } from "eventemitter3";
+import { z } from "zod";
+import { validateWebhookUrl as validateSSRF } from "../utils/ssrf-validator";
+import { BoundedQueue } from "../utils/bounded-queue";
+import { CircuitBreaker, CircuitBreakerError } from "../utils/circuit-breaker";
+import { RetryPolicy } from "../utils/retry-policy";
+import {
+  WebhookConfig,
+  WebhookConfigSchema,
+  WebhookEventType,
+  WebhookEventTypeSchema,
+  WebhookPayload,
+  WebhookPayloadSchema,
+  BaseMessage,
+  BaseMessageSchema,
+  Logger,
+  LoggerSchema,
+  SDKConfig,
+  SDKConfigSchema
+} from "../types";
+import { SDKEvents, WebhookError, ValidationError } from "../types/events";
+import { TIMEOUTS, RETRY } from "../constants";
+interface WebhookQueueItem {
+  payload: WebhookPayload;
+  attempts: number;
+  lastAttempt?: Date;
+  nextRetry?: Date;
+  error?: Error;
+}
+export class WebhookHandler extends EventEmitter<SDKEvents> {
+  private readonly config: SDKConfig;
+  private webhookConfig?: WebhookConfig;
+  private readonly logger: Logger;
+  private queue: BoundedQueue<WebhookQueueItem>;
+  private circuitBreaker: CircuitBreaker;
+  private retryPolicy: RetryPolicy;
+  private isProcessing = false;
+  private processTimer?: NodeJS.Timeout;
+  private isDestroyed = false;
+  constructor(config: SDKConfig, logger: Logger) {
+    super();
+    // Validate config and logger with Zod
+    this.config = SDKConfigSchema.parse(config);
+    this.logger = LoggerSchema.parse(logger);
+    // Initialize bounded queue to prevent unbounded memory growth (CB-1)
+    // Max 1000 webhooks, drop oldest on overflow
+    this.queue = new BoundedQueue<WebhookQueueItem>(1000, "drop-oldest");
+    // Initialize circuit breaker for fault tolerance (CB-3)
+    // Opens after 5 failures, closes after 2 successes, 60s timeout
+    this.circuitBreaker = new CircuitBreaker({
+      failureThreshold: 5,
+      successThreshold: 2,
+      timeout: 60000,
+      windowSize: 60000
+    });
+    // Initialize webhook retry policy (REL-3)
+    if (this.config.webhookRetryStrategy) {
+      // User provided custom strategy
+      this.retryPolicy = new RetryPolicy(this.config.webhookRetryStrategy);
+      this.logger.info("Custom webhook retry strategy configured", {
+        type: this.config.webhookRetryStrategy.type,
+        baseDelay: this.config.webhookRetryStrategy.baseDelay,
+        maxDelay: this.config.webhookRetryStrategy.maxDelay,
+        maxAttempts: this.config.webhookRetryStrategy.maxAttempts
+      });
+    } else {
+      // Use default exponential backoff matching previous hardcoded behavior
+      // Previous: RETRY.BASE_DELAY (1000ms) * 2^(attempt-1), max RETRY.MAX_WEBHOOK_DELAY (30000ms)
+      // Default retries: 3
+      this.retryPolicy = RetryPolicy.exponential(
+        RETRY.BASE_DELAY, // 1000ms base delay
+        RETRY.MAX_WEBHOOK_DELAY, // 30000ms max delay
+        this.config.webhookRetries ?? 3,
+        false // jitter disabled by default for webhooks
+      );
+    }
+    if (this.config.webhookUrl) {
+      // Create and validate webhook configuration
+      this.webhookConfig = WebhookConfigSchema.parse({
+        url: this.config.webhookUrl,
+        headers: this.config.webhookHeaders,
+        retries: this.config.webhookRetries ?? 3,
+        timeout: this.config.webhookTimeout ?? TIMEOUTS.WEBHOOK_TIMEOUT,
+        events: ["message", "task_response", "agent_selected", "error"]
+      });
+    }
+  }
+  /**
+   * Configures or updates webhook settings with runtime validation.
+   * Validates the webhook URL for security (HTTPS requirement except localhost)
+   * and sets up retry logic, timeout, and event filtering.
+   *
+   * @param config - Webhook configuration object
+   * @param config.url - Webhook endpoint URL (must be HTTPS unless localhost)
+   * @param config.headers - Optional HTTP headers to include with requests
+   * @param config.retries - Maximum number of retry attempts for failed deliveries (default: 3)
+   * @param config.timeout - Request timeout in milliseconds (default: 30000)
+   * @param config.events - Array of event types to send webhooks for (default: all events)
+   * @throws {WebhookError} If URL is invalid, insecure, or points to private IP ranges
+   *
+   * @example
+   * ```typescript
+   * webhookHandler.configure({
+   *   url: 'https://api.example.com/webhooks',
+   *   headers: { 'Authorization': 'Bearer token' },
+   *   retries: 5,
+   *   timeout: 60000,
+   *   events: ['message', 'agent_selected', 'error']
+   * });
+   * ```
+   */
+  public configure(config: WebhookConfig): void {
+    // Validate configuration with Zod
+    const validatedConfig = WebhookConfigSchema.parse(config);
+    this.validateWebhookUrl(validatedConfig.url);
+    this.webhookConfig = {
+      ...validatedConfig,
+      retries: validatedConfig.retries ?? 3,
+      timeout: validatedConfig.timeout ?? TIMEOUTS.WEBHOOK_TIMEOUT,
+      events: validatedConfig.events ?? ["message", "task_response", "agent_selected", "error"]
+    };
+    this.logger.info("Webhook configured", {
+      url: validatedConfig.url,
+      events: this.webhookConfig.events
+    });
+  }
+  /**
+   * Sends a webhook for a specific event type with payload validation.
+   * Validates event type and payload with Zod schemas before queueing.
+   * Webhooks are queued and delivered asynchronously with retry logic.
+   * Emits 'webhook:sent', 'webhook:success', or 'webhook:error' events.
+   *
+   * @param eventType - Type of event to send ('message', 'task_response', 'agent_selected', or 'error')
+   * @param data - Event-specific data payload (validated with Zod)
+   * @param metadata - Optional metadata to include with the event
+   * @returns Promise that resolves when webhook is queued (not when delivered)
+   * @throws {ValidationError} If eventType or data fail Zod validation
+   *
+   * @example
+   * ```typescript
+   * await webhookHandler.sendWebhook('agent_selected', {
+   *   agent_id: 'weather-agent',
+   *   agent_name: 'Weather Agent',
+   *   capabilities: ['weather-forecast']
+   * }, {
+   *   agentId: 'weather-agent',
+   *   taskId: 'task-123'
+   * });
+   * ```
+   */
+  public async sendWebhook(eventType: WebhookEventType, data: any, metadata?: any): Promise<void> {
+    if (!this.webhookConfig || this.isDestroyed) {
+      return;
+    }
+    try {
+      // Validate event type
+      const validatedEventType = WebhookEventTypeSchema.parse(eventType);
+      // Check if this event type should trigger a webhook
+      if (this.webhookConfig.events && !this.webhookConfig.events.includes(validatedEventType)) {
+        return;
+      }
+      // Create and validate payload
+      const payload = WebhookPayloadSchema.parse({
+        event: validatedEventType,
+        timestamp: new Date().toISOString(),
+        data,
+        metadata
+      });
+      // Add to queue (bounded - will drop oldest if full)
+      const pushed = this.queue.push({
+        payload,
+        attempts: 0
+      });
+      if (!pushed) {
+        this.logger.warn("Webhook queue full - oldest webhook dropped", {
+          queueSize: this.queue.size()
+        });
+      }
+      // Process queue
+      this.processQueue();
+    } catch (error) {
+      if (error instanceof z.ZodError) {
+        this.logger.error("Invalid webhook payload", error);
+        throw new ValidationError("Invalid webhook payload", error);
+      }
+      throw error;
+    }
+  }
+  /**
+   * Sends a webhook specifically for message events with automatic event type detection.
+   * Filters out system messages (ping, pong, auth) and maps message types to webhook events.
+   * Validates message with Zod schema before sending.
+   *
+   * @param message - The message to send as a webhook
+   * @returns Promise that resolves when webhook is queued
+   * @throws {ValidationError} If message fails Zod validation
+   *
+   * @example
+   * ```typescript
+   * const userMessage = createUserMessage('Hello', 'general', walletAddress);
+   * await webhookHandler.sendMessageWebhook(userMessage);
+   * // Webhook will be sent with event type 'message'
+   * ```
+   */
+  public async sendMessageWebhook(message: BaseMessage): Promise<void> {
+    if (!message) return;
+    // Skip system messages that shouldn't be sent as webhooks
+    const skipMessageTypes = [
+      "agents",
+      "auth",
+      "auth_required",
+      "pong",
+      "ping",
+      "auth_success",
+      "auth_error",
+      "challenge",
+      "request_challenge"
+    ];
+    if (skipMessageTypes.includes(message.type)) {
+      return;
+    }
+    try {
+      // Validate message with Zod
+      const validatedMessage = BaseMessageSchema.parse(message);
+      let eventType: WebhookEventType;
+      switch (validatedMessage.type) {
+        case "task_response":
+          eventType = "task_response";
+          break;
+        case "agent_selected":
+          eventType = "agent_selected";
+          break;
+        case "error":
+          eventType = "error";
+          break;
+        default:
+          eventType = "message";
+      }
+      const metadata = {
+        messageType: validatedMessage.type,
+        from: validatedMessage.from,
+        to: validatedMessage.to,
+        room: validatedMessage.room,
+        taskId: validatedMessage.task_id
+      };
+      await this.sendWebhook(eventType, validatedMessage, metadata);
+    } catch (error) {
+      if (error instanceof z.ZodError) {
+        this.logger.error("Invalid message for webhook", error);
+        throw new ValidationError("Invalid message for webhook", error);
+      }
+      throw error;
+    }
+  }
+  /**
+   * Process webhook queue
+   */
+  private async processQueue(): Promise<void> {
+    if (this.isProcessing || this.queue.isEmpty() || this.isDestroyed) {
+      return;
+    }
+    this.isProcessing = true;
+    while (!this.queue.isEmpty() && !this.isDestroyed) {
+      const item = this.queue.peek();
+      if (!item) break; // Queue empty
+      // Check if we should retry
+      if (item.nextRetry && item.nextRetry > new Date()) {
+        // Wait until retry time
+        const delay = item.nextRetry.getTime() - Date.now();
+        this.processTimer = setTimeout(() => {
+          this.isProcessing = false;
+          this.processQueue();
+        }, delay);
+        return;
+      }
+      try {
+        // Use circuit breaker for fault tolerance (CB-3)
+        await this.circuitBreaker.execute(async () => {
+          await this.deliverWebhook(item);
+        });
+        // Success - remove from queue
+        this.queue.shift();
+      } catch (error) {
+        // Check if circuit breaker is open
+        if (error instanceof CircuitBreakerError) {
+          this.logger.warn("Circuit breaker is OPEN, pausing webhook delivery", {
+            state: error.state
+          });
+          // Don't retry immediately when circuit is open
+          // Queue will be retried when circuit closes
+          this.isProcessing = false;
+          return;
+        }
+        // Handle retry logic
+        item.attempts++;
+        item.lastAttempt = new Date();
+        item.error = error as Error;
+        // Check if we should retry using the retry policy (REL-3)
+        if (!this.retryPolicy.shouldRetry(item.attempts)) {
+          // Max retries reached
+          this.logger.error("Webhook delivery failed after max retries", {
+            url: this.webhookConfig?.url,
+            attempts: item.attempts,
+            error: error
+          });
+          this.emit("webhook:error", error as Error, this.webhookConfig?.url ?? "");
+          this.queue.shift();
+        } else {
+          // Schedule retry using configured strategy
+          const retryDelay = this.retryPolicy.calculateDelay(item.attempts);
+          item.nextRetry = new Date(Date.now() + retryDelay);
+          this.logger.warn(`Webhook delivery failed, retrying in ${retryDelay}ms`, {
+            url: this.webhookConfig?.url,
+            attempt: item.attempts,
+            error: error
+          });
+          this.emit("webhook:retry", item.attempts, this.webhookConfig?.url ?? "");
+          // Move to end of queue
+          const failedItem = this.queue.shift();
+          if (failedItem) {
+            this.queue.push(failedItem);
+          }
+        }
+      }
+    }
+    this.isProcessing = false;
+  }
+  /**
+   * Deliver a webhook
+   */
+  private async deliverWebhook(item: WebhookQueueItem): Promise<void> {
+    if (!this.webhookConfig) {
+      throw new Error("Webhook not configured");
+    }
+    const controller = new AbortController();
+    const timeout = setTimeout(() => {
+      controller.abort();
+    }, this.webhookConfig.timeout);
+    try {
+      this.logger.debug("Delivering webhook", { url: this.webhookConfig.url });
+      const options: RequestInit = {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          ...this.webhookConfig.headers
+        },
+        body: JSON.stringify(item.payload),
+        signal: controller.signal as any
+      };
+      const response = await fetch(this.webhookConfig.url, options);
+      if (!response.ok) {
+        throw new WebhookError(`Webhook returned status ${response.status}`, {
+          status: response.status,
+          statusText: response.statusText
+        });
+      }
+      const responseData = await response.text();
+      this.logger.debug("Webhook delivered successfully", {
+        url: this.webhookConfig.url,
+        status: response.status
+      });
+      this.emit("webhook:sent", item.payload, this.webhookConfig.url);
+      this.emit("webhook:success", responseData, this.webhookConfig.url);
+    } catch (error: any) {
+      if (error.name === "AbortError") {
+        throw new WebhookError("Webhook timeout", {
+          timeout: this.webhookConfig.timeout
+        });
+      }
+      throw new WebhookError(`Webhook delivery failed: ${error.message}`, error);
+    } finally {
+      clearTimeout(timeout);
+    }
+  }
+  /**
+   * Validate webhook URL for SSRF vulnerabilities
+   * Uses comprehensive SSRF validator to block:
+   * - Private IP ranges (RFC1918)
+   * - Cloud metadata endpoints (AWS, GCP, Azure)
+   * - Kubernetes service discovery
+   * - Dangerous internal ports
+   * - Localhost (unless allowInsecureWebhooks is enabled)
+   */
+  private validateWebhookUrl(url: string): void {
+    try {
+      // Use comprehensive SSRF validator
+      // allowInsecureWebhooks controls whether localhost/HTTP is allowed
+      validateSSRF(url, this.config.allowInsecureWebhooks ?? false);
+    } catch (error: any) {
+      throw new WebhookError(`Webhook URL validation failed: ${error.message}`, { url });
+    }
+  }
+  /**
+   * Gets the current status of the webhook delivery queue.
+   * Useful for monitoring webhook health and detecting delivery issues.
+   *
+   * @returns Object containing queue statistics
+   * @returns {number} returns.pending - Total number of webhooks in queue (including failed)
+   * @returns {boolean} returns.processing - Whether queue is currently being processed
+   * @returns {number} returns.failed - Number of webhooks that have failed and are awaiting retry
+   *
+   * @example
+   * ```typescript
+   * const status = webhookHandler.getQueueStatus();
+   * console.log(`Queue: ${status.pending} pending, ${status.failed} failed`);
+   * if (status.failed > 10) {
+   *   console.warn('High number of failed webhooks detected');
+   * }
+   * ```
+   */
+  public getQueueStatus(): {
+    pending: number;
+    processing: boolean;
+    failed: number;
+    circuitState: string;
+  } {
+    const circuitState = this.circuitBreaker.getState();
+    return {
+      pending: this.queue.size(),
+      processing: this.isProcessing,
+      failed: this.queue.toArray().filter((item) => item.error).length,
+      circuitState: circuitState.state
+    };
+  }
+  /**
+   * Clears all pending and failed webhooks from the delivery queue.
+   * Warning: This permanently discards all queued webhooks.
+   * Use this to recover from queue issues or when webhooks are no longer relevant.
+   *
+   * @example
+   * ```typescript
+   * webhookHandler.clearQueue();
+   * console.log('All pending webhooks cleared');
+   * ```
+   */
+  public clearQueue(): void {
+    this.queue.clear();
+    this.logger.info("Webhook queue cleared");
+  }
+  /**
+   * Retries all failed webhooks in the queue immediately.
+   * Resets attempt counters and error states for failed webhooks.
+   * Useful for recovering from temporary network or endpoint issues.
+   *
+   * @example
+   * ```typescript
+   * const status = webhookHandler.getQueueStatus();
+   * if (status.failed > 0) {
+   *   webhookHandler.retryFailed();
+   *   console.log(`Retrying ${status.failed} failed webhooks`);
+   * }
+   * ```
+   */
+  public retryFailed(): void {
+    const failed = this.queue.toArray().filter((item) => item.error);
+    for (const item of failed) {
+      item.attempts = 0;
+      item.error = undefined;
+      item.nextRetry = undefined;
+    }
+    this.processQueue();
+  }
+  /**
+   * Destroys the webhook handler and cleans up resources.
+   * Stops queue processing, clears all timers, removes event listeners,
+   * and discards all pending webhooks. After destruction, the handler cannot be reused.
+   *
+   * @example
+   * ```typescript
+   * webhookHandler.destroy();
+   * console.log('Webhook handler destroyed');
+   * ```
+   */
+  public destroy(): void {
+    this.isDestroyed = true;
+    this.isProcessing = false;
+    if (this.processTimer) {
+      clearTimeout(this.processTimer);
+      this.processTimer = undefined;
+    }
+    this.clearQueue();
+    this.removeAllListeners();
+  }
+  /**
+   * Quick check for whether a webhook URL has been configured.
+   * Returns true if configure() has been called with a valid URL.
+   *
+   * @returns True if webhook is configured, false otherwise
+   *
+   * @example
+   * ```typescript
+   * if (webhookHandler.isConfigured) {
+   *   console.log('Webhooks are enabled');
+   * } else {
+   *   console.log('Webhooks not configured');
+   * }
+   * ```
+   */
+  public get isConfigured(): boolean {
+    return !!this.webhookConfig;
+  }
+  /**
+   * Gets the current webhook configuration including URL, headers, and settings.
+   * Returns a defensive copy to prevent external modification of internal state.
+   * Returns undefined if webhook has not been configured.
+   *
+   * @returns Copy of current webhook configuration, or undefined if not configured
+   *
+   * @example
+   * ```typescript
+   * const config = webhookHandler.getConfig();
+   * if (config) {
+   *   console.log(`Webhook URL: ${config.url}`);
+   *   console.log(`Max retries: ${config.retries}`);
+   *   console.log(`Timeout: ${config.timeout}ms`);
+   * }
+   * ```
+   */
+  public getConfig(): WebhookConfig | undefined {
+    return this.webhookConfig ? { ...this.webhookConfig } : undefined;
+  }
+}